First industry-driven framework for analyzing and describing the efforts of software suppliers to mitigate the potential that software could be intentionally compromised during its sourcing, development or distribution.

http://safecode.org/wp-content/uploads/2014/06/SAFECode_Supply_Chain0709.pdf